OpenBSD Kernel Semaphore Allocation Bug Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1016756
|
|
SecurityTracker URL: http://securitytracker.com/id?1016756
|
|
CVE Reference: CVE-2006-4435
(Links to External Site)
|
Updated: Jun 8 2008
|
Original Entry Date: Aug 25 2006
|
Impact: Denial of service via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: OpenBSD Errata
|
Version(s): 3.8, 3.9
|
Description: A vulnerability was reported in the OpenBSD Kernel. A local user can cause denial of service conditions.
A local user can cause more than the default number of semaphores to be allocated to cause a kernel panic.
|
Impact: A local user can cause a kernel panic.
|
Solution: OpenBSD has issued the following fixes:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/007_sem.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/012_sem.patch
|
Vendor URL: www.openbsd.org/ (Links to External Site)
|
Cause: Resource error, State error
|
Underlying OS: UNIX (OpenBSD)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 25 Aug 2006 15:52:03 -0400
Subject: OpenBSD vulnerability
|
SECURITY FIX: August 25, 2006 All architectures
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
A source code patch exists which remedies this problem.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/007_sem.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/012_sem.patch
|
|
